summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorINOPIAE <inopiae@cacert.org>2014-06-11 08:19:05 +0200
committerBenny Baumann <BenBE@geshi.org>2014-12-02 22:51:54 +0100
commita36105cee86ba70d66829b1aa559a2681711af80 (patch)
tree1d440757d382ee75b5573e51735957a7fa68387c
parentc1720a3bb6dd07af2cf4b359bd85d0ad614c6bab (diff)
downloadcacert-devel-a36105cee86ba70d66829b1aa559a2681711af80.tar.gz
cacert-devel-a36105cee86ba70d66829b1aa559a2681711af80.tar.xz
cacert-devel-a36105cee86ba70d66829b1aa559a2681711af80.zip
bug 1282: changed the check routine for ID
-rw-r--r--pages/account/49.php14
1 files changed, 8 insertions, 6 deletions
diff --git a/pages/account/49.php b/pages/account/49.php
index 1de9952..9802917 100644
--- a/pages/account/49.php
+++ b/pages/account/49.php
@@ -19,14 +19,16 @@
$userid=0; if(array_key_exists('userid',$_GET)) $userid=intval($_GET['userid']);
if($userid <= 0)
{
- $domainsearch = $domain = mysql_escape_string(stripslashes($_POST['domain']));
- if(!strstr($domain, "%"))
+ $domainsearch = $domain = mysql_real_escape_string(trim(stripslashes($_POST['domain'])));
+ if(!strstr($domain, "%")) {
$domainsearch = "%$domain%";
- if(preg_match("/^\d+$/",$domain))
- $domainsearch = "";
+ }
+
//check if request is id if not set search ID to -1
- $domainid = intval($domain);
- if($domain !== $domainid){
+ if(preg_match('/^#(\d+)$/', $domain, $match)) {
+ $domainsearch = "";
+ $domainid = intval($match[1]);
+ } else {
$domainid = -1;
}